Security behaving strange when adding users to project groups

Hi.
Hope someone can answer why our TFS server is behaving as it does.

We are using TFS RTM 1.0 Trial, while waiting for the CDs to be distributed.

If the user is not a member of any TFS group, the user has no access to the TFS server at all. Great, this works as it should.

If the user is a member of one of the projects, the user has access to all projects. This is both source safe and lots of other stuff.

To give more background I will try to explain the behaviour. I have made 5 projects, call them A, B, C, D, E.

First I add the user to [project B]\readers. Then I look through the rest of the projects using this user to see how many denied signs I find. Access is denied on project B.Documents, B.Reports, C.Documents, E.Documents.

Next I remove the permission and add the user to [project B]\readers instead. Then I look through the rest of the projects using this user to see how many denied signs I find. Access is denied on project C.Documents, E.Documents.

Next I remove the permission and add the user to [project C]\readers instead. Then I look through the rest of the projects using this user to see how many denied signs I find. Access is denied on project B.Documents, E.Documents.

Next I remove the permission and add the user to [project D]\readers instead. Then I look through the rest of the projects using this user to see how many denied signs I find. Access is denied on project A.Documents, B.Documents, C.Documents and E.Documents.

Next I remove the permission and add the user to [project E]\readers instead. Then I look through the rest of the projects using this user to see how many denied signs I find. Access is denied on project A.Documents, B.Documents, C.Documents.

How I think it should work: if the user is a reader on one project, the user should not be able to access other projects, or if he can see all projects he must not be able to see work items, documents, reports, VSS stuff and so on.

Can anyone tell me why the TFS server is behaving as it does?

Please help.

Best regards,
Jens

By Jensk at 2008-2-14
# 1

The root of the issue you are seeing is tied to permissions for the global Team Foundation Valid Users group. By default, whenever a new project is created, the global Team Foundation Valid Users group is granted "view project level information" (or GENERIC_READ) rights on the security object representing that project. If you would like to maintain complete separation of the projects, you need to revoke that right:

1) Launch Visual Studio and open the Team Explorer
2) Right click on the project node
3) Select Team Project Settings::Security
4) Select [SERVER]\Team Foundation Valid Users
5) Clear the Allow checkbox for “view project level information”

When a user is added to any TFS group, or is discovered when synchronizing group contents with AD, that user automatically becomes part of the Team Foundation Valid Users group. This is a logical group that represents all users known to the system.

The pattern you are seeing can be complicated by things like AD synchronization and caching. It is a little hard to interpret without knowing more about how you were doing the experiments. In general, TFS synchronizes with AD once per hour and that is when changes made to AD groups will normally show up. The exception is when the membership of a TFS group containing an AD group changes... in that case, that group is synchronized when the changes are made.

BillEssaryMSFT at 2007-9-9
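As an added illustration (not part of Bill's answer and not TFS code), here is a small model of the permission resolution he describes: each new project gets a default ACE granting Team Foundation Valid Users "view project level information", membership in any TFS group implies membership in Valid Users, and revoking that ACE per project restores separation. The class, group and action names are assumptions made for the example; it reproduces Jens's observation and then applies the fix.

```python
VALID_USERS = "[SERVER]\\Team Foundation Valid Users"
GENERIC_READ = "view project level information"  # GENERIC_READ

class TfsModel:
    def __init__(self):
        self.projects = []
        self.groups = {}  # group name -> set of member users
        self.acl = {}     # (project, group) -> set of allowed actions

    def create_project(self, name):
        self.projects.append(name)
        readers = f"[{name}]\\Readers"
        self.groups[readers] = set()
        self.acl[(name, readers)] = {GENERIC_READ}
        # Default ACE granted on every new project: this is what lets a
        # member of any one project see all the others.
        self.acl[(name, VALID_USERS)] = {GENERIC_READ}

    def effective_groups(self, user):
        groups = {g for g, members in self.groups.items() if user in members}
        if groups:  # membership in any TFS group implies Valid Users
            groups.add(VALID_USERS)
        return groups

    def has_permission(self, user, project, action):
        return any(action in self.acl.get((project, g), ())
                   for g in self.effective_groups(user))

    def revoke_valid_users_read(self, project):
        # Steps 1-5 of the answer, applied to one project.
        self.acl[(project, VALID_USERS)].discard(GENERIC_READ)

    def visible_projects(self, user):
        return [p for p in self.projects
                if self.has_permission(user, p, GENERIC_READ)]

def reproduce():
    """Return what 'jens' sees: before any membership, after joining
    [project B]\\Readers, and after revoking the default ACE everywhere."""
    tfs = TfsModel()
    for letter in "ABCDE":
        tfs.create_project(f"project {letter}")
    before = tfs.visible_projects("jens")
    tfs.groups["[project B]\\Readers"].add("jens")
    after_join = tfs.visible_projects("jens")
    for project in tfs.projects:
        tfs.revoke_valid_users_read(project)
    after_fix = tfs.visible_projects("jens")
    return before, after_join, after_fix
```

Run `reproduce()` to see the three stages: nothing visible, all five projects visible after joining one Readers group, and only project B visible once the Valid Users ACE is cleared on every project.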
